<?php

	namespace Phptricks\system\library\security;

	/**
	 * Description of http_request_variables
	 *
	 * @author Sammy Guergachi <sguergachi at gmail.com>
	 */
	use Phptricks\system\core\library\library;
	use Phptricks\system\library\PhptricksExceptions\PhptricksExceptions as Exc;
	use Phptricks\system\library\request_variables\request_variables as request_variables;

	class security implements library{

		public $request_variables;
		public $_lack_filter = array();
		private static $_instance = null;

		public static function &getinstance(){
			if (self::$_instance === null) {
				self::$_instance = new \Phptricks\system\library\security\security();
			}
			return self::$_instance;
		}

		public function _initialize(){
			
		}

		public function __construct($_lack_filter = array()){
			$this->request_variables = request_variables::getinstance();

			$this->_lack_filter = $_lack_filter;
			if (class_exists('Session')) {
				$session = new Session();
			} else {
				if (session_id() == "") {
					session_start();
				}
			}

			$this->request_variables->_server = $this->set_data($this->request_variables->_server, 'sql');

			$this->request_variables->_get = $this->set_data($this->request_variables->_get, 'sql');
			$this->request_variables->_get = $this->set_data($this->request_variables->_get, 'subsigns');

			$this->request_variables->_post = $this->set_data($this->request_variables->_post, 'sql');
//			$this->request_variables->_post = $this->set_data($this->request_variables->_post, 'subsigns');
//			$this->request_variables->_files = $this->set_data($this->request_variables->_files, 'sql');
		}

		public function set_data($array_date, $type = 'sql'){
			if (isset($array_date) == true && !empty($array_date)) {
				if (is_array($array_date)) {
					foreach ($array_date as $key => $value) {
						if ($type != 'subsigns') {
							if (count($this->_lack_filter) > 0) {
								if (!in_array($key, $this->_lack_filter)) {
									if (is_array($value) == true) {
										$array_date[$key] = $this->set_data($value, $type);
									} else {
										$array_date[$key] = $this->filter($value, $type);
									}
								} else {
									$array_date[$key] = $value;
								}
							} else {
								if (is_array($value) == true) {
									$array_date[$key] = $this->set_data($value, $type);
								} else {
									$array_date[$key] = $this->filter($value, $type);
								}
							}
						} else {
							if (is_array($value) == true) {
								$array_date[$key] = $this->set_data($value, $type);
							} else {
								$array_date[$key] = $this->filter($value, $type);
							}
						}
					}
				}
			} else {
				$array_date = $this->filter($array_date, $type);
			}
			return $array_date;
		}

		public function filter($data, $type = 'sql'){
			if (!empty($data)) {
				$data = $this->{$type}($data);
			}
			return $data;
		}

		public function sql($str){
			if (!empty($str)) {
				$str = preg_replace("/(select|where|from|between|like|insert|update|delete|drop|alter|show|create|limit)/iUs", '', $str);
			} else {
				$str = $str;
			}
			return $str;
		}

		public function signs($str){
			if (!empty($str)) {
				$str = preg_replace("/([\!\"\$\%\&\'\(\)\*\+\,\-\.\:\;\<\=\>\@\[\]\^\`\{\|\}\~]+)/iUs", '', $str);
			} else {
				$str = $str;
			}
			return $str;
		}

		public function subsigns($str){
			if (!empty($str)) {
				$str = preg_replace("/([\$\'\`\~]+)/iUs", '', $str);
			} else {
				$str = $str;
			}
			return $str;
		}

		public function phpcode($str){
			if (!empty($str)) {
				if (preg_match('/(php|eval|base64|file\_|fopen|curl)/iUs', $str) == true) {
					return true;
				}
			} else {
				return false;
			}
		}

		public function check_files($filename){
			if (!empty($filename) && file_exists($filename)) {
				$file_data = file_get_contents($filename);
				if ($this->phpcode($file_data) == true) {
					@unlink($filename);
					return false;
				} else {
					return true;
				}
			} else {
				return true;
			}
		}

	}

?>
